Secure Mobile Identities
This addresses security issues for mobile users and devices, but appears incremental as it builds on existing SIM authentication.
The paper tackles the vulnerability of mobile user and device identities to network-level threats by proposing Secure Mobile Identities (SMI), a repetitive key-exchange protocol that builds on weak SIM authentication to establish stronger identity authenticity, with security enhanced by trusted location signatures.
The unique identities of every mobile user (phone number,IMSI) and device (IMEI) are far from secure and are increasingly vulnerable to a variety of network-level threats. The exceedingly high reliance on the weak SIM authentication layer does not present any notion of end-to-end security for mobile users. We propose the design and implementation of Secure Mobile Identities (SMI), a repetitive key-exchange protocol that uses this weak SIM authentication as a foundation to enable mobile users to establish stronger identity authenticity. The security guarantees of SMI are directly reliant on the mobility of users and are further enhanced by external trusted entities providing trusted location signatures (e.g. trusted GPS, NFC synchronization points). In this paper, we demonstrate the efficacy of our protocol using an implementation and analysis across standard mobility models.